General
-
Target
fcffb70d37b8bc570c1085ca2ca0a78e_JaffaCakes118
-
Size
632KB
-
Sample
240420-r4mk5sah33
-
MD5
fcffb70d37b8bc570c1085ca2ca0a78e
-
SHA1
d7009d66fb57dcaed98aaade051d760b68c71a98
-
SHA256
d7126ee38cc6314776088c996442f286eab574ac3878030d71fde1d0c8c75623
-
SHA512
b41a82d3a9957ebe9a8d1ed30f649ab71fd999c0507d2947e7ed12e197113907873e8ab608b0e9d86d8b15cdb26ca5455a25428019db96cd552e1f26900272e3
-
SSDEEP
12288:UZWtI6RkHeZJys73dOvXDpNjNe8NupOB0vOB0j:UuhaHeZJ8NI8IOWOw
Malware Config
Targets
-
-
Target
fcffb70d37b8bc570c1085ca2ca0a78e_JaffaCakes118
-
Size
632KB
-
MD5
fcffb70d37b8bc570c1085ca2ca0a78e
-
SHA1
d7009d66fb57dcaed98aaade051d760b68c71a98
-
SHA256
d7126ee38cc6314776088c996442f286eab574ac3878030d71fde1d0c8c75623
-
SHA512
b41a82d3a9957ebe9a8d1ed30f649ab71fd999c0507d2947e7ed12e197113907873e8ab608b0e9d86d8b15cdb26ca5455a25428019db96cd552e1f26900272e3
-
SSDEEP
12288:UZWtI6RkHeZJys73dOvXDpNjNe8NupOB0vOB0j:UuhaHeZJ8NI8IOWOw
Score10/10-
Modifies visibility of file extensions in Explorer
-
Blocks application from running via registry modification
Adds application to list of disallowed applications.
-
Sets file execution options in registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-